<%@tag import="com.dxl.dao.common.context.SessionContext"%>
<%@tag import="org.apache.log4j.Logger"%>
<%@tag import="com.dxl.common.consts.SysConsts"%>
<%@tag import="com.dxl.service.sysprop.SysPropCacheManager"%>
<%@tag import="java.io.StringWriter"%>
<%@ tag import="com.dxl.service.account.AccountService"%>
<%@ tag import="com.dxl.common.spring.AppCtxHolder"%>
<%@ tag body-content="scriptless" pageEncoding="UTF-8" %>  

<%@ attribute name="codes" required="true" type="java.lang.String" rtexprvalue="true" %>  

<%
	Logger LOG = Logger.getLogger("permission.tag");
	String[] cs;
	boolean isOr = false, hasPermission = false;
	if (codes.indexOf("|") >= 0) {
		cs = codes.split("\\|");
		isOr = true;
	} else if (codes.contains("&")) {
		cs = codes.split("&");
	} else {
		cs = codes.split(",");
	}
	
	if (isOr) {
		for (String c : cs) {
			if (AppCtxHolder.getBean(AccountService.class).hasPermission(SessionContext.getSessionId(), c)) {
				hasPermission = true;
				break;
			}
		}
	} else {
		hasPermission = AppCtxHolder.getBean(AccountService.class).hasPermission(SessionContext.getSessionId(), cs);
	}
	
	if (hasPermission) {
		LOG.info("用户[" + SessionContext.getAccountName() + "]有权限：" + codes);
		StringWriter sw = new StringWriter();
		getJspBody().invoke(sw);
		
		sw.close();
		String body = sw.toString();
		out.print(body);
	} else {
		LOG.info("用户[" + SessionContext.getAccountName() + "]没有有权限：" + codes);
	}
%>